Skip to content

service: add CAP_SETPCAP capability

Stijn Tintel requested to merge stintel/NetworkManager:caps into main

The NetworkManager strongSwan and L2TP plugins fail due to not being able to drop capabilities:

dec 29 01:42:36 sylvester charon-nm[15164]: 00[LIB] dropping capabilities failed: Operation not permitted dec 29 01:42:36 sylvester charon-nm[15164]: 00[DMN] capability dropping failed - aborting charon-nm

dec 29 02:02:19 taz charon[2191488]: 00[LIB] dropping capabilities failed: Operation not permitted dec 29 02:02:19 taz charon[2191488]: 00[DMN] capability dropping failed - aborting charon

Fix this by adding CAP_SETPCAP to the CapabilityBoundingSet parameter of the systemd unit file.

Signed-off-by: Stijn Tintel stijn@linux-ipv6.be

Merge request reports